Browsing CategoryCrimeware

Multi-Platform SMAUG RaaS Aims To See Off Competitors

Raas (Ransomware-as-a-Service) continues to fuel the cybercrime economy. SMAUG offers Windows, Linux and macOS support among other unique features.

Crimeware

Agent Tesla | Old RAT Uses New Tricks to Stay on Top

Aside from Dridex, Agent Tesla is the most widely used malware currently targeting businesses. We review its core functionality and latest adaptations.

Crimeware

WastedLocker Ransomware: Abusing ADS and NTFS File Attributes

WastedLocker is a relatively new ransomware that has been attacking high-value targets across numerous industries, including several Fortune 500 companies.

Crimeware

Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)

SentinelLabs profiles an affiliate involved with Maze ransomware and details the actor’s involvement with other crimeware families, including TrickBot.

Crimeware

Thanos Ransomware | RIPlace, Bootlocker and More Added to Feature Set

Thanos Ransomware has developed rapidly over the last 6 months, offering a customized RaaS tool with an expanding feature set to build unique payloads.

Crimeware

Inside a TrickBot Cobalt Strike Attack Server

Analysis of a Cobalt Strike Server leveraged in PowerTrick breaches.

Crimeware

Valak Malware and the Connection to Gozi Loader ConfCrew

Valak uses a multi-stage, script-based malware that hijacks email replies and embeds malicious URLs or attachments to infect devices with fileless scripts.

Crimeware

NetWalker Ransomware: No Respite, No English Required

NetWalker is following a now-familiar pattern: increased ransom demands, threats to leak victim data and relentless attacks during the COVID-19 pandemic.

Crimeware

Deep Dive Into TrickBot Executor Module “mexec”: Reversing the Dropper Variant

Continuing our earlier analysis of the TrickBot Executor Module “mexec”, we take a look at the dropper variant and reveal how it carries its payload onboard.

Crimeware

Meet NEMTY Successor, Nefilim/Nephilim Ransomware

Ransomware families NEMTY, Nefilim and Nephilim continue to evolve and merge, taking on aspects of other successful variants that aim to encrypt and extort.

@FeverTreeMixers’s previous #endpoint security product required painstaking configuration and upkeep. They wanted… https://t.co/rrRGJshy0510 hours ago
RT @LisaH_Jackson: .@ATT Launches new managed comprehensive endpoint security solution with @SentinelOne. Endpoint protection against #cybe…12 hours ago
RT @EFF: "At the time, [China's] was the only internet censorship in town. There was this thought—oh look, it's so quaint, a country trying…12 hours ago
#NTLM is still actively exploited. Follow each step in this #Vigilance #MDR analysis of a real-world attack and… https://t.co/S0TRyHl0OP13 hours ago

0 / 0

Browsing CategoryCrimeware

Multi-Platform SMAUG RaaS Aims To See Off Competitors

Agent Tesla | Old RAT Uses New Tricks to Stay on Top

WastedLocker Ransomware: Abusing ADS and NTFS File Attributes

Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)

Thanos Ransomware | RIPlace, Bootlocker and More Added to Feature Set

Inside a TrickBot Cobalt Strike Attack Server

Valak Malware and the Connection to Gozi Loader ConfCrew

NetWalker Ransomware: No Respite, No English Required

Deep Dive Into TrickBot Executor Module “mexec”: Reversing the Dropper Variant

Meet NEMTY Successor, Nefilim/Nephilim Ransomware

CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws

Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol

A Deep Dive into Zebrocy’s Dropper Docs

Adventures From UEFI Land: the Hunt For the S3 Boot Script